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Amendments to the Claims 

This listing of claims will replace all prior 
versions, and listings, of claims in the application: 
Listing of Claims: 

1. (Original) A proactive operating environment 
that includes a group of proactive servers communicating over 
a network; each proactive server (PSi) comprising: 

a storage that includes a non erasable part that 
stores at least a public, non proactive related, key start / 
said storage further includes an erasable part for storing 
private and public data; said proactive server is further 
associated with a discardable one-time private key S^stsrt that 
corresponds to said public key V^start/ said proactive server is 
further associated with configuration data C; 

a processor for providing at least proactive 
services to applications; 

the proactive server is associated with a group 
public proactive key Vcert common to said group of proactive 
servers and a share S^cert of a corresponding private proactive 
key ScERT/ 

the processor is operative to invoke initialization 
procedure for generating restore related information; 

the processor is further operative to invoke a 
restore procedure for utilizing at least said public, non 
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proactive related, key V^starc and said restore related 
information for restoring at least said public proactive key 

2. (Original) The system according to Claim 1, 
wherein said restore procedure is invoked by refresh 
procedure . 

3. (Original) The system according to Claim 1, 
wherein said non erasable part of the storage being a ROM 
memory module . 

4 . (previously presented) The system according 
to Claim 1, wherein said applications are at least one of the 
following : 

Secure logging. Secure end -to -end communication, 
Timestamping, Certificate authority. Key recovery. Voting, 
Trading, Database, Operating system. Access control mechanisms. 
Secure Commerce . 

5. (Original) The system according to Claim 1, 
wherein said restore related information includes restore 
related self information. 

6. (Original) The system according to Claim 1, 
wherein said restore related information includes restore 
related others' information. 
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7 . (previously presented) The system according to 
Claim 5, wherein said restore related self information includes 

Mj = S^start (Vcertf C) . 

8 . (previously presented) The system according to 
Claim 6, wherein said restore related others' information 
includes {Scem (M) , M) . 

9 . (previously presented) The system according to 
Claim 1, wherein said initialization procedure includes: 

(i) input for receiving at least configuration data C/ 
public non- proactive related key start and discardable 
one time private key start; 

(ii) the processor generating a set of keys Si(0), Vj(0) , 
Ej(0), Dx(0); 

(iii) broadcasting said set of keys except Dj(0) over the 
network to the rest of the servers {1 . . i-1 , i+1 , .n) in 
the group, so as to authenticate and encrypt the 
network channel ; 

(iv) the processor generating the group public proactive 
key Vcert and a share (S^ cert) of corresponding private 
proactive key 

(v) the processor generating restore related self 
information that includes ATj - S''' start (Vcertf ; 

(vi) discarding the one-time private key start/ 
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(vii) broadcastiing Mi to all servers in the group, and 
receiving Mj from all respective SPj servers in the 
group; the processor concatenating said Mi. .Mn so as 
to construct M; 

(viii) the processor generating a joint signature {Scert 
(M) ,M) that forms part of said restore related 
others' information; and 

(ix) broadcasting the joint signature {Scert (M) ,M) . 

10 . (previously presented) The system according to 
Claim 1 , wherein said recover procedure includes : 

(i) the processor extracting start/ 

(ii) the processor extracting Mi from M; 

(iii) the processor constructing Vcert by applying start to 

Ml; 

(iv) the processor validating M by applying Vcert to the 
joint signature part {Scert (M) ; if the result matches 
M then the server becomes operational; sending M 
and Scert (M) to all the group servers; 

(v) if, on the other hand, M is invalid, then waiting the 
receipt of another joint signature and in response 
repeating said (ii) to (iv) . 
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11. (previously presented) The system of Claim 1, 
wherein an initialize procedure is configured to generate 
restore related information. 

12. (previously presented) The system of Claim 1, 
wherein a restore procedure is configured to utilize at least 
said public, non proactive related, key start ^nd said restore 
related information for restoring at least said public proactive 
key VcERT- 

13 . (Currently Amended) A method for providing a 
proactive security in proactive operating environment; wherein 
the proactive operating environment includes a group of 
proactive servers communicating over a network; the method 
comprising performing the following in respect of each 
proactive server (PSi) oomprioing : 

a — atoragc — that — includco storing in a non erasable 
part that otorco at least a public, non proactive related, key 
start /• oaid otorago further inoludGO an craoablc part for 

storing , in an erasable part private and public 
data; oaid proactive acrvcr ia further QoaociatGd with 

providing a discardable one-time private key start 
that corresponds to said public key v'- start/ oaid — proaotive 
oorvcr io further aooociatcd with 

providing configuration data C; 
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Q proGOooor #^3? providing at least proactive 

services to applications; 

the — proactive — ocrvor — ts — aaoociatcd — with providing a 
group public proactive key Vcert common to said group of 
proactive servers and a share S^cert of corresponding private 
proactive key Scert/ the method further including : 

invoking an initialization procedure for generating 
restore related information; and 

invoking a restore procedure for utilizing at least 
said public, non proactive related, key V^start and said restore 
related information for restoring at least said public 
proactive key Vcert- 

14. (Original) The method according to Claim 
13, wherein said restore procedure is invoked by refresh 
procedure . 

15. (previously presented) The method according 
to Claim 13, wherein said non erasable part of the storage is 
a ROM memory module . 

16. (previously presented) The method according 
to Claim 13, wherein said applications are at least one of the 
following : 

Secure logging. Secure end -to -end communication. 
Times tamping. Certificate authority. Key recovery, Voting, 
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Trading, Database, Operating system. Access control mechanisms. 
Secure Commerce . 

17. (Original) The method according to Claim 13, 
wherein said restore related information includes restore 
related self information. 

18. (Original) The method according to Claim 13, 
wherein said restore related information includes restore 
related others' information. 

19. (previously presented) The method according to 
Claim 17, wherein said restore related self information includes 

Mj = S^start (Vcertr C) . 

20. (previously presented) The method according to 
Claim .18, wherein said restore related others' information 
includes ( Scert (M) , M) . 

21. (previously presented) The method according to 
Claim 13, wherein said initialization procedure includes: 

(i) receiving at least configuration data C, piiblic non- 
proactive related key V^start and discardable one time 
private key start/ 

(ii) generating a set of keys Si(0), Vi(0), Ei(0) , Di(0); 

(iii) broadcasting said set of keys except Dx(0) over the 
network to the rest of the servers {1 . . i-1 , i+1 . . n) in 
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the group, so as to authenticate and encrypt the 
network channel ; 

(iv) generating the group piiblic proactive key Vcert: and a 
share {S^ cert) of corresponding private proactive key 

(v) generating restore related self information that 

includes Mj = start (^Cert, C) . 

(vi) discarding the one-time private key S^stsirt/ 

(vii) broadcasting Mi to all servers in the group, and 
receiving Mj from all respective SPj servers in the 
group; the processor concatenating said Mi. .Mn so as 
to construct M; 

(viii) generating a joint signature {Scert (M) ,M) that forms 
part of said restore related others' information; and 

(ix) broadcasting the joint signature {Scert (M) ,M) . 

22. (currently amended) The method according to 
Claim 13 , wherein said re cover restore procedure includes : 

(i) extracting start/ 

(ii) extracting Mx from M/ 

(iii) constructing Vcejrt by applying V^start to Mj; 

(iv) validating M by applying Vcert to the joint signature 
part Scert (M) ; if the result matches M then the server 
becomes operational; sending M and Scert (M) to all 
the group servers; 
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(v) if, on the other hand, AT is invalid, then waiting the 
receipt of another joint signature and in response 
repeating said (ii) to (iv) . 

23. (Cancelled) 

24. (Cancelled) 

25. (Currently amended) A storage medium storing 
computer implemented program for 

providing a proactive security in proactive operating 
environment; the proactive operating environment includes a 
group of proactive servers communicating over a network; the 
method comprising performing the following in respect of each 
proactive server (PSi) oomprioing : 

storing in a non erasable part at least a public, non 
proactive related, key scare; 

storing in an erasable part private and public data; 

providing a discardable one-time private key stam 
that corresponds to said public key start i 

providing configuration data C; 

providing at least proactive services to 

applications ; 

providing a group public proactive key V cbr t of a 
corresponding private proactive key S certi 
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invoking an initialization procedure for generating 
restore related information; and 

invoking a restore procedure for utilizing at least 
said public, non proactive related, key star t and said restore 
related information for restoring at least said public proactive 
key V cERT- 

providing a proactivo — ooourity in proactivG operating 

environment ; fe^ie — proactive — operating — environment — includco — a 

group — — proQCtivc — ocrvcra — communicating — over — a — nctworlc; — each 
proactive ocrvcr — fPS*^ — compr icing ; 

a — otoragc — that — includoo — a — Ree — craoablc — part — that 

□toroo — at — Icaot a — public , — HeH — proactive — related, — key — V^etart-t 

oaid — otoragc — further — includco — afi — craoablc — part — ^e^? — otoring 

private — asid — public — data; oaid — proactive — ocrvcr — is — further 

aooociated with — a — diocardablc — one time — private — key — S^ctart — that 
corrcopondo — te — oaid public — key — V^ctart-f — oaid proactive — oer^er — io 
further aooociated with configuration data — Qt 

a procGooor providing a-fe Icaot proactive 

ocrvicGO to applicationo ; 

■fetee — proactive — oerver — m — aooociated — with — a — group 

public — proactive — key — Vcbrt common — fee — oaid — group of — proactive 

ocrvcra — and a — oharc — S^ cert of — a — corrcoponding private proactive 
lecy GcERT f — the method further including; 
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invoicing initialisation procedure #oa? generating 

reatorc — related — information; — and — invoking — a — rcotoro — procedure 
for utilising — at — Icaot — oaid public, — non proactive — related, — key 
^ctart — a**d — oaid — reotorc — related — inf oinnation — #o3e — reotoring — afe 
leaat oaid public proactive key Vchut - 
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